htauth 1.0.3 → 1.1.0

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    ZTUyZDQ3ZjdhODM0ZGI2ODZkMjA2NzQ3MGVlMzEyN2RlNGQzZjZmOA==
+  data.tar.gz: !binary |-
+    M2I1NTRmMmRhMzE4NzVlMTY2MjI1OGNhMmExNzUzNzE0YjY2MWI1Yw==
+SHA512:
+  metadata.gz: !binary |-
+    MjBiNzk5NmE4NGM5MGY5OGM1MjU1YWJiMjdiZmZmYTVmYTkyOGY2MDE2OTQ2
+    YmI0ZmU1MGZiNDdiMjE1MzQzZWJmNjY1YWM2OGYxY2EzNWVlZmM1MzE5ZjRj
+    ZWU4NWRmNmVkYWRkYmRhMDgzMjA2MTJjMGM0ZGViMjBmYWQzZTA=
+  data.tar.gz: !binary |-
+    OGY5MTIyMTQxYzM1MGVkODk0OGNjMDdiZDkxNWYyMTI1Y2E3NjNhMTZlMTcy
+    MmIyN2FjZDMyMjA0YjIxYmQ0MzE4ZTgzNDI4ZjAxNzk5YWYxMGUyNmJjZGIz
+    NWZjMmM4ZTAzNzYxMTk4NjNiY2Y0Y2U3MDgwNmQ0Y2I2ZDY3YTQ=

data/CONTRIBUTING.md

@@ -0,0 +1,46 @@
+# Hi there!
+
+I see you are interested in contributing. That is wonderful. I love
+contributions.
+
+I guarantee that there are bugs in this software. And I guarantee that there is
+a feature you want that is not in here yet. As such, any and all bugs reports
+are gratefully accepted, bugfixes even more so. Helping out with bugs is the
+easiest way to contribute.
+
+
+## The Quick Version
+
+* Have a [GitHub Account][].
+* Search the [GitHub Issues][] and see if your issue already present. If so
+  add your comments, :thumbsup:, etc.
+* Issue not there? Not a problem, open up a [new issue][].
+    * **Bug reports** please be as detailed as possible. Include:
+        * full ruby engine and version: `ruby -e 'puts RUBY_DESCRIPTION'`
+        * operating system and version
+        * version of htauth `ruby -rubygems -e "require 'htauth'; puts htauth::VERSION"`
+        * as much detail about the bug as possible so I can replicate it. Feel free
+          to link in a [gist][]
+    * **New Feature**
+        * What the new feature should do.
+        * What benefit the new feature brings to the project.
+* Fork the [repo][].
+* Create a new branch for your issue: `git checkout -b issue/my-issue`
+* Lovingly craft your contribution:
+    * `rake develop` to get started, or if you prefer bundler `rake develop:using_bundler && bundle`.
+    * `rake test` to run tests
+* Make sure that `rake test` passes. It's important, I said it twice.
+* Add yourself to the contributors section below.
+* Submit your [pull request][].
+
+# Contributors
+
+* [Jeremy Hinegardner](https://github.com/copiousfreetime)
+* [Kevin Barnes](https://github.com/vinbarnes)
+
+[GitHub Account]: https://github.com/signup/free "GitHub Signup"
+[GitHub Issues]:  https://github.com/copiousfreetime/htauth/issues "Htauth Issues"
+[new issue]:      https://github.com/copiousfreetime/htauth/issues/new "New Htauth Issue"
+[gist]:           https://gist.github.com/ "New Gist"
+[repo]:           https://github.com/copiousfreetime/htauth "htauth Repo"
+[pull request]:   https://help.github.com/articles/using-pull-requests "Using Pull Requests"

data/HISTORY.md

@@ -0,0 +1,36 @@
+# Changelog
+
+## Version 1.1.0 2014-03-10
+
+* Update highline dependency
+* Change the default algorithm in htpasswd-ruby to be MD5
+* Convert tests to minitest
+* Update to [fixme](http://github.com/copiousfreetime/fixme) project structure
+* General update to ruby 1.9/2.0
+* Fix all -w warnings
+
+## Version 1.0.3 2008-12-20
+
+* update highline dependency
+
+## Version 1.0.2 2008-11-30
+
+### Minor enhancement 
+
+* Change project layout 
+
+## Version 1.0.1 2008-02-06
+
+### Bugfixes
+
+* fix require dependency chain
+* fix gem dependency on rake
+
+## Version 1.0.0 2008-02-05
+
+* Initial public release
+
+### Release Notes
+
+* Look at 'htpasswd-ruby' and 'htdigest-ruby' to get started.
+

data/Manifest.txt

@@ -0,0 +1,45 @@
+CONTRIBUTING.md
+HISTORY.md
+LICENSE
+Manifest.txt
+README.md
+Rakefile
+bin/htdigest-ruby
+bin/htpasswd-ruby
+lib/htauth.rb
+lib/htauth/algorithm.rb
+lib/htauth/crypt.rb
+lib/htauth/digest.rb
+lib/htauth/digest_entry.rb
+lib/htauth/digest_file.rb
+lib/htauth/entry.rb
+lib/htauth/errors.rb
+lib/htauth/file.rb
+lib/htauth/md5.rb
+lib/htauth/passwd.rb
+lib/htauth/passwd_entry.rb
+lib/htauth/passwd_file.rb
+lib/htauth/plaintext.rb
+lib/htauth/sha1.rb
+lib/htauth/version.rb
+spec/crypt_spec.rb
+spec/digest_entry_spec.rb
+spec/digest_file_spec.rb
+spec/digest_spec.rb
+spec/md5_spec.rb
+spec/passwd_entry_spec.rb
+spec/passwd_file_spec.rb
+spec/passwd_spec.rb
+spec/plaintext_spec.rb
+spec/sha1_spec.rb
+spec/spec_helper.rb
+spec/test.add.digest
+spec/test.add.passwd
+spec/test.delete.digest
+spec/test.delete.passwd
+spec/test.original.digest
+spec/test.original.passwd
+spec/test.update.digest
+spec/test.update.passwd
+tasks/default.rake
+tasks/this.rb

data/{README → README.md}

@@ -1,21 +1,20 @@
-== HTAuth
+## HTAuth
 
-* Homepage[http://copiousfreetime.rubyforge.org/htauth]
-* {Rubyforge Project}[http://rubyforge.org/projects/copiousfreetime/]
-* Github[http://github.com/copiousfreetime/htauth/tree/master]
+* [Homepage](http://copiousfreetime.rubyforge.org/htauth)
+* [Github](http://github.com/copiousfreetime/htauth/tree/master)
 * email jeremy at copiousfreetime dot org
 
-== DESCRIPTION
+## DESCRIPTION
 
 HTAuth is a pure ruby replacement for the Apache support programs htdigest and
 htpasswd.  Command line and API access are provided for access to htdigest and
 htpasswd files.
 
-== FEATURES 
+## FEATURES
 
 HTAuth provides to drop in commands *htdigest-ruby* and *htpasswd-ruby* that
 can manipulate the digest and passwd files in the same manner as Apache's
-original commands.  
+original commands.
 
 *htdigest-ruby* and *htpasswd-ruby* are command line compatible with *htdigest*
 and *htpasswd*.  They support the same exact same command line options as the
@@ -24,11 +23,12 @@ originals, and have some extras.
 Additionally, you can access all the functionality of *htdigest-ruby* and
 *htpasswd-ruby* through an API.
 
-== SYNOPSIS
+## SYNOPSIS
 
-* htpasswd-ruby command line application
+### htpasswd-ruby command line application
 
-    Usage: 
+
+    Usage:
     htpasswd-ruby [-cmdpsD] passwordfile username
     htpasswd-ruby -b[cmdpsD] passwordfile username password
 
@@ -46,7 +46,7 @@ Additionally, you can access all the functionality of *htdigest-ruby* and
     -s, --sha1                       Force SHA encryption of the password.
     -v, --version                    Show version info.
 
-* htdigest-ruby command line application
+### htdigest-ruby command line application
 
     Usage: htdigest-ruby [options] passwordfile realm username
     -c, --create                     Create a new digest password file; this overwrites an existing file.
@@ -54,25 +54,24 @@ Additionally, you can access all the functionality of *htdigest-ruby* and
     -h, --help                       Display this help.
     -v, --version                    Show version info.
 
-* API Usage
+### API Usage
 
-   HTAuth::DigestFile.new("some.htdigest") do |df|
+    HTAuth::DigestFile.open("some.htdigest") do |df|
       df.add_or_update('someuser', 'myrealm', 'a password')
       df.delete('someolduser', 'myotherrealm')
-   end
+    end
 
-   HTAuth::PasswdFile.new("some.htpasswd", HTAuth::File::CREATE) do |pf|
+    HTAuth::PasswdFile.open("some.htpasswd", HTAuth::File::CREATE) do |pf|
       pf.add('someuser', 'a password', 'md5')
       pf.add('someotheruser', 'a different password', 'sha1')
-   end
-  
-   
-== CREDITS
+    end
+
+## CREDITS
 
-* {The Apache Software Foundation}[http://www.apache.org/]
-* all the folks who contributed to htdigest and htpassword 
+* [The Apache Software Foundation](http://www.apache.org/)
+* all the folks who contributed to htdigest and htpassword
 
-== LICENSE
+## LICENSE
 
 Copyright (c) 2008 Jeremy Hinegardner
 

data/Rakefile

@@ -0,0 +1,17 @@
+# vim: syntax=ruby
+load 'tasks/this.rb'
+
+This.name     = "htauth"
+This.author   = "Jeremy Hinegardner"
+This.email    = "jeremy@copiousfreetime.org"
+This.homepage = "http://github.com/copiousfreetime/#{ This.name }"
+
+This.ruby_gemspec do |spec|
+  spec.add_development_dependency( 'rake'     , '~> 10.1')
+  spec.add_development_dependency( 'minitest' , '~> 5.0' )
+  spec.add_development_dependency( 'rdoc'     , '~> 4.0' )
+
+  spec.add_dependency("highline", "~> 1.6")
+end
+
+load 'tasks/default.rake'

data/bin/htpasswd-ruby

@@ -8,12 +8,12 @@ rescue LoadError
 end
 
 begin
-    require 'htauth'
+  require 'htauth'
 rescue LoadError 
-    path = File.expand_path(File.join(File.dirname(__FILE__),"..","lib"))
-    raise if $:.include?(path)
-    $: << path
-    retry
+  path = File.expand_path(File.join(File.dirname(__FILE__),"..","lib"))
+  raise if $:.include?(path)
+  $: << path
+  retry
 end
 
 HTAuth::Passwd.new.run(ARGV, ENV)

data/lib/htauth/algorithm.rb

@@ -1,12 +1,10 @@
-require 'htauth'
-
 module HTAuth
   class InvalidAlgorithmError < StandardError ; end
   # base class all the Passwd algorithms derive from
   class Algorithm
 
     SALT_CHARS    = (%w[ . / ] + ("0".."9").to_a + ('A'..'Z').to_a + ('a'..'z').to_a).freeze
-    DEFAULT       = ( RUBY_PLATFORM !~ /mswin32/ ) ? "crypt" : "md5"
+    DEFAULT       = "md5"
     EXISTING      = "existing"
 
     class << self
@@ -62,8 +60,3 @@ module HTAuth
     end
   end
 end
-
-require 'htauth/md5'
-require 'htauth/sha1'
-require 'htauth/crypt'
-require 'htauth/plaintext'

data/lib/htauth/crypt.rb

@@ -10,7 +10,7 @@ module HTAuth
     end
 
     def prefix
-            ""
+      ""
     end
 
     def encode(password)

data/lib/htauth/digest.rb

@@ -1,4 +1,5 @@
-require 'htauth'
+require 'htauth/version'
+require 'htauth/errors'
 require 'htauth/digest_file'
 
 require 'ostruct'
@@ -15,6 +16,8 @@ module HTAuth
 
     def initialize
       @digest_file = nil
+      @option_parser = nil
+      @options = nil
     end
 
     def options
@@ -120,7 +123,7 @@ module HTAuth
         exit 1
       rescue SignalException => se
         $stderr.puts
-        $stderr.puts "Interrupted"
+        $stderr.puts "Interrupted #{se}"
         exit 1
       end
       exit 0

data/lib/htauth/digest_entry.rb

@@ -1,3 +1,4 @@
+require 'htauth/errors'
 require 'htauth/entry'
 require 'digest/md5'
 
@@ -25,11 +26,11 @@ module HTAuth
       # and the md5sum must be 32 characters long.
       def is_entry!(line)
         raise InvalidDigestEntry, "line commented out" if line =~ /\A#/
-          parts = line.strip.split(":")
+        parts = line.strip.split(":")
         raise InvalidDigestEntry, "line must be of the format username:realm:md5checksum" if parts.size != 3
         raise InvalidDigestEntry, "md5 checksum is not 32 characters long" if parts.last.size  != 32
         raise InvalidDigestEntry, "md5 checksum has invalid characters" if parts.last !~ /\A[[:xdigit:]]{32}\Z/
-          return parts
+        return parts
       end
 
       # test if a line is an entry and return true or false
@@ -63,11 +64,11 @@ module HTAuth
     end
 
     def key
-            "#{user}:#{realm}"
+      "#{user}:#{realm}"
     end
 
     def to_s
-            "#{user}:#{realm}:#{digest}"
+      "#{user}:#{realm}:#{digest}"
     end
   end
 end

data/lib/htauth/digest_file.rb

@@ -1,5 +1,5 @@
 require 'stringio'
-
+require 'htauth/errors'
 require 'htauth/file'
 require 'htauth/digest_entry'
 

data/lib/htauth/errors.rb

@@ -0,0 +1,10 @@
+#-- 
+# Copyrigth (c) 2008 Jeremy Hinegardner
+# All rights reserved.  See LICENSE and/or COPYING for details
+#++
+
+module HTAuth
+  class FileAccessError < StandardError ; end
+  class TempFileError < StandardError ; end
+  class PasswordError < StandardError ; end
+end

data/lib/htauth/file.rb

@@ -1,5 +1,5 @@
 require 'stringio'
-require 'htauth'
+require 'htauth/errors'
 
 module HTAuth
   class FileAccessError < StandardError ; end

data/lib/htauth/md5.rb

@@ -60,6 +60,8 @@ module HTAuth
       end
 
 
+      pd = pd.bytes.to_a
+
       l = (pd[ 0]<<16) | (pd[ 6]<<8) | pd[12]
       encoded_password << to_64(l, 4)
 

data/lib/htauth/passwd.rb

@@ -1,4 +1,4 @@
-require 'htauth'
+require 'htauth/errors'
 require 'htauth/passwd_file'
 
 require 'ostruct'
@@ -15,6 +15,8 @@ module HTAuth
 
     def initialize
       @passwd_file = nil
+      @option_parser = nil
+      @options = nil
     end
 
     def options
@@ -56,7 +58,7 @@ EOB
             options.file_mode = HTAuth::File::CREATE
           end
 
-          op.on("-d", "--crypt", "Force CRYPT encryption of the password (default).") do |c|
+          op.on("-d", "--crypt", "Force CRYPT encryption of the password.") do |c|
             options.algorithm = "crypt"
           end
 
@@ -68,7 +70,7 @@ EOB
             options.show_help = h
           end
 
-          op.on("-m", "--md5", "Force MD5 encryption of the password (default on Windows).") do |m|
+          op.on("-m", "--md5", "Force MD5 encryption of the password (default).") do |m|
             options.algorithm = "md5"
           end
 
@@ -88,6 +90,10 @@ EOB
           op.on("-v", "--version", "Show version info.") do |v|
             options.show_version = v
           end
+
+          op.separator ""
+
+          op.separator "The SHA algorihtm does not use a salt and is less secure than the MD5 algorithm"
         end
       end
       @option_parser
@@ -166,7 +172,7 @@ EOB
         exit 1
       rescue SignalException => se
         $stderr.puts
-        $stderr.puts "Interrupted"
+        $stderr.puts "Interrupted #{se}"
         exit 1
       end
       exit 0

data/lib/htauth/passwd_entry.rb

@@ -1,3 +1,4 @@
+require 'htauth/errors'
 require 'htauth/entry'
 require 'htauth/algorithm'
 
@@ -25,7 +26,7 @@ module HTAuth
       # where username, and password do not contain the ':' character 
       def is_entry!(line)
         raise InvalidPasswdEntry, "line commented out" if line =~ /\A#/
-          parts = line.strip.split(":")
+        parts = line.strip.split(":")
         raise InvalidPasswdEntry, "line must be of the format username:pssword" if parts.size != 2
         return parts
       end

data/lib/htauth/passwd_file.rb

@@ -1,83 +1,84 @@
 require 'stringio'
 require 'tempfile'
 
+require 'htauth/errors'
 require 'htauth/file'
 require 'htauth/passwd_entry'
 
 module HTAuth
-    class PasswdFileError < StandardError ; end
+  class PasswdFileError < StandardError ; end
 
-    # PasswdFile provides API style access to an +htpasswd+ produced file
-    class PasswdFile < HTAuth::File
+  # PasswdFile provides API style access to an +htpasswd+ produced file
+  class PasswdFile < HTAuth::File
 
-        ENTRY_KLASS = HTAuth::PasswdEntry
+    ENTRY_KLASS = HTAuth::PasswdEntry
 
-        # does the entry the the specified username and realm exist in the file
-        def has_entry?(username)
-            test_entry = PasswdEntry.new(username)
-            @entries.has_key?(test_entry.key)
-        end
+    # does the entry the the specified username and realm exist in the file
+    def has_entry?(username)
+      test_entry = PasswdEntry.new(username)
+      @entries.has_key?(test_entry.key)
+    end
 
-        # remove an entry from the file
-        def delete(username)
-            if has_entry?(username) then 
-                ir = internal_record(username)
-                line_index = ir['line_index']
-                @entries.delete(ir['entry'].key)
-                @lines[line_index] = nil
-                dirty!
-            end
-            nil
-        end
+    # remove an entry from the file
+    def delete(username)
+      if has_entry?(username) then 
+        ir = internal_record(username)
+        line_index = ir['line_index']
+        @entries.delete(ir['entry'].key)
+        @lines[line_index] = nil
+        dirty!
+      end
+      nil
+    end
 
-        # add or update an entry as appropriate
-        def add_or_update(username, password, algorithm = Algorithm::DEFAULT)
-            if has_entry?(username) then
-                update(username, password, algorithm)
-            else
-                add(username, password, algorithm)
-            end
-        end
+    # add or update an entry as appropriate
+    def add_or_update(username, password, algorithm = Algorithm::DEFAULT)
+      if has_entry?(username) then
+        update(username, password, algorithm)
+      else
+        add(username, password, algorithm)
+      end
+    end
 
-        # add an new record.  raises an error if the entry exists.
-        def add(username, password, algorithm = Algorithm::DEFAULT)
-            raise PasswdFileError, "Unable to add already existing user #{username}" if has_entry?(username)
-            new_entry = PasswdEntry.new(username, password, algorithm)
-            new_index = @lines.size
-            @lines << new_entry.to_s
-            @entries[new_entry.key] = { 'entry' => new_entry, 'line_index' => new_index }
-            dirty!
-            return nil
-        end
+    # add an new record.  raises an error if the entry exists.
+    def add(username, password, algorithm = Algorithm::DEFAULT)
+      raise PasswdFileError, "Unable to add already existing user #{username}" if has_entry?(username)
+      new_entry = PasswdEntry.new(username, password, algorithm)
+      new_index = @lines.size
+      @lines << new_entry.to_s
+      @entries[new_entry.key] = { 'entry' => new_entry, 'line_index' => new_index }
+      dirty!
+      return nil
+    end
 
-        # update an already existing entry with a new password.  raises an error if the entry does not exist
-        def update(username, password, algorithm = Algorithm::EXISTING)
-            raise PasswdFileError, "Unable to update non-existent user #{username}" unless has_entry?(username)
-            ir = internal_record(username)
-            ir['entry'].algorithm = algorithm
-            ir['entry'].password = password
-            @lines[ir['line_index']] = ir['entry'].to_s
-            dirty!
-            return nil
-        end
+    # update an already existing entry with a new password.  raises an error if the entry does not exist
+    def update(username, password, algorithm = Algorithm::EXISTING)
+      raise PasswdFileError, "Unable to update non-existent user #{username}" unless has_entry?(username)
+      ir = internal_record(username)
+      ir['entry'].algorithm = algorithm
+      ir['entry'].password = password
+      @lines[ir['line_index']] = ir['entry'].to_s
+      dirty!
+      return nil
+    end
 
-        # fetches a copy of an entry from the file.  Updateing the entry returned from fetch will NOT
-        # propogate back to the file.
-        def fetch(username)
-            return nil unless has_entry?(username)
-            ir = internal_record(username)
-            return ir['entry'].dup
-        end
+    # fetches a copy of an entry from the file.  Updateing the entry returned from fetch will NOT
+    # propogate back to the file.
+    def fetch(username)
+      return nil unless has_entry?(username)
+      ir = internal_record(username)
+      return ir['entry'].dup
+    end
 
-        def entry_klass
-            ENTRY_KLASS
-        end
+    def entry_klass
+      ENTRY_KLASS
+    end
 
-        private
+    private
 
-        def internal_record(username)
-            e = PasswdEntry.new(username)
-            @entries[e.key]
-        end
+    def internal_record(username)
+      e = PasswdEntry.new(username)
+      @entries[e.key]
     end
+  end
 end

data/lib/htauth/plaintext.rb

@@ -2,17 +2,18 @@ require 'htauth/algorithm'
 
 module HTAuth
 
-    # the plaintext algorithm, which does absolutly  nothing
-    class Plaintext < Algorithm
-        # ignore parameters
-        def initialize(params = {}) 
-        end
-        def prefix
-            ""
-        end
+  # the plaintext algorithm, which does absolutly  nothing
+  class Plaintext < Algorithm
+    # ignore parameters
+    def initialize(params = {})
+    end
+
+    def prefix
+      ""
+    end
 
-        def encode(password)
-            "#{password}"
-        end
+    def encode(password)
+      "#{password}"
     end
+  end
 end